Category Archives: Linux Servers and Software

General Linux server and software information.

eCommerce Platforms, On-line Shops, Web store, Cloud Trading

Call it what you will, the on-line sales process kicked-off barely 20 years ago, and I opened my first store in 1999, and swapped into osCommerce in 2000 / 2001 and stuck with it until last year.

I have worked with a large number of eCommerce solutions and other open source platforms over the years for myself and clients.

With a lot of other pressures I stopped searching and became complacent with my store leaving it run for too many years without an update. I worked with clients modifying platforms to suit their needs but in following the osCommerce method of hard-coding so much of the system any chance of a simple upgrade path was killed in a forked path that ultimately leads to a dead-end.

So, what to do next?  The open source store market is flourishing with more offerings than you can ‘poke-a-stick-at’.

There are pure open-source solutions, open-source commercial products, 2-tier open / commercial offerings, pure commercial tools, as well as a lot of noise from service providers.

Bricks and mortar stores have been changing, large shopping malls are being up-sized, or stagnating, with empty floor space. What-ever cannot be sold by mail-order is still viable in-store, but there are only so many coffee-shops, hair-dressers, nail salons, etc. that can survive in a centre, but I digress.

So for the mail-order products, i.e. anything that can be posted, parceled, or containerised, is eligible for an ecommerce site. Is anyone not selling on-line ?  While it may seem that everything is on-line it is simply not the case.

Some studies show that consumers still want a physical shopping experience.

http://www.businessnewsdaily.com/7756-online-shopping-preferences.html

http://smallbiztrends.com/2014/08/consumers-prefer-shopping-in-a-store.html

There is also an older but more in-depth commentary from the Harvard Business Review on physical vs ecommerce.

In Australia, government studies from only 18 months ago, showed that small and medium enterprises a lagging in this country with their on-line presence and capability. There are obviously still great opportunities in all markets for any business to commence their on-line presence and include on-line trading in one form or another.

So, #1 there is a large percentage of businesses not online who could be, and #2 consumers will make use of both bricks and mortar and virtual stores without exclusion of one over the other.

So the questions that I am trying to answer include: What is the answer (and is that answer singular?) to on-line trading for Australian businesses? What platforms will provide a good solution now and potentially the future? What are the strategies that will work to marry both a shop of bricks and one of ether ?

Particularly I am interested in retail and small end retail, the Mum & Dad store that many years ago was in a strip-centre of a dozen stores or less.

I don’t have answers but I am working on them.

osCommerce 3 the Un – roadmap

Hmm,  what you will not find here is a roadmap.

To paraphrase a StarTrek statement “She’s dead Jim!”.

Well, probably not dead to the handful of folks that are intimately engaged with it,2015-03-31 20_08_36-Pulse · osCommerce_oscommerce · GitHub but to the outsiders like myself, a long-term, like I have been a since-it-started user, I only need to look at the GitHub repository and note that it does not have a pulse.

 

Reviewing the commits shows that even Harald 2015-03-31 20_08_19-osCommerce_oscommerce · GitHubhas been silent on the V3.0.x version with nothing for over 3 years, and even then the ‘latest’ stuff includes items from 4 years ago, and a solitary update to a ‘ReadMe’ file 2 years ago.

2015-03-31 20_09_09-Contributors to osCommerce_oscommerce · GitHub This GitHub activity graph highlights the few peaks and mostly troughs of in-activity and only two players involved.

This was all a snap-shot from GitHub at 31/3/2015. It might have changed since and you can check the latest at https://github.com/osCommerce/oscommerce/graphs/contributors

 

Why am I publishing this?  I need to be sure that the platform I am using and recommending to clients is contemporary and of value. I have long campaigned as a pro open-source user and developer (albeit part-time as most OS people are). Seriously, version 2 of osC and all the forks, including osCmax, which has been a favourite for a number of years, have all fallen behind in terms of ability to deliver. The causes include developer needs being satisfied, end-users engaging with developers and then not wanting to invest any more time or cash, GFC’s or similar global phenomena, general apathy, and the fact that for an OS developer, you invest a stack of time for the joy of making it work, and that rush stops working.

Responsive templates, Google Mobile testing, image management, are all critical these days, and a platform that is struggling to remain relevant is not a path I think we should persist with.

Granted, version 2 of osCommerce has been kind of active and still has a strong community, but is it relevant, even if the plan is to, perhaps one day, reach an automated migration from 2.x to 3.x, if v3.x is already 9 years out-of-date. (osC 3 was first actively promoted in September 2006)

Technology moves too damn fast, time to move on.

NextGen Gallery image file name change thumbnail error occurred

The NextGen Gallery is one of the plugins that I use on lots of WordPress sites.

I’d never struck this before and the information from all the blogs and forum posts I looked at did not or could not resolve how to fix this issue.

The situation arises when you rename an image file directly in the file manager, or in my case the linux command line. The filename is actually stored in the database in the wp_ngg_pictures table and for manual correction you would expect that updating the filename column would be sufficient.

Then selecting the image and the recreate thumbnail option is expected to do just that, but it doesn’t. You may see an “error occurred” message in the thumbnail creation screen but it is not a helpful message.

The issue is in fact that the thumbnail details are stored in another column called metadata in the same table and this column is referenced for the thumbnail update and not the filename, i.e. NGG is still the original thumbnail filename and recreating that file not the new file.

There are two steps required, change the filename in that column and delete the metadata field value back to null or empty. Then you can re-create your thumbnails and they will work with the new filename.

CVE-2015-0235 Ghost glibc Debian Wheezy CentOS 5.11 6.6 gethost security Testing

Thanks to https://gist.github.com/koelling/ef9b2b9d0be6d6dbab63 for a script to test for this vulnerability.

Update: Another option for Debian, at least, is to check ldd –version

[code]ldd –version
ldd (Debian EGLIBC 2.13-38+deb7u7) 2.13[/code]

Check the last digit in the minor release number, ‘deb7u7’ is good, ‘deb7u6’ or less are vulnerable.

First download the file:

[code]wget https://gist.githubusercontent.com/koelling/ef9b2b9d0be6d6dbab63/raw/de1730049198c64eaf8f8ab015a3c8b23b63fd34/gistfile1.c[/code]

If you have a certificate error you may want to use the wget –no-check-certificate option

[code]wget –no-check-certificate https://gist.githubusercontent.com/koelling/ef9b2b9d0be6d6dbab63/raw/de1730049198c64eaf8f8ab015a3c8b23b63fd34/gistfile1.c[/code]

Then run this to check

[code]gcc gistfile1.c -o CVE-2015-0235[/code]

You may get a gcc file not found error

[code]# gcc gistfile1.c -o CVE-2015-0235
-bash: gcc: command not found[/code]

— I am assuming at this time that it means th GNU LibC glibc is not installed and therefore the system is not vulnerable. Similarly the Synology NAS devices that I use are all showing a null result for glibc.

…..but if gcc is available, then use this to show the result:

[code]./CVE-2015-0235[/code]

Either your will be “vulnerable” or “not vulnerable”

and you can follow my adventures in patching Debian and CentOS / CPanel servers for glibc in another post.

Thanks to https://news.ycombinator.com/item?id=8953545 for linking me to this originally.